VULHUB ™

Google's custom websearch does not prevent javascript from being inserted into the url of the image, allowing malicious users to modify the content of the google page allowing in phishing attacks, or silently steal search terms/results/clicks or modify actual searches to always contain controlled results.

Google's custom websearch does not prevent javascript from being inserted into the url of the image, allowing malicious users to modify the content of the google page allowing in phishing attacks, or silently steal search terms/results/clicks or modify actual searches to always contain controlled results.